otplib-authenticator/Authenticator

Google Authenticator adapter

References

  • http://en.wikipedia.org/wiki/Google_Authenticator

Algorithm

secret := base32decode(secret)
message := floor(current Unix time / 30)
hash := HMAC-SHA1(secret, message)
offset := last nibble of hash
truncatedHash := hash[offset..offset+3]  //4 bytes starting at the offset
set the first bit of truncatedHash to zero  //remove the most significant bit
code := truncatedHash mod 1000000
pad code with 0 until length of code is 6

return code

Extends

  • TOTP